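#!/bin/sh
# Launch Snort under sudo with one of several prepared configurations.
#
# Arguments (all four are required):
#   $1  alert output: "console" passes "-A console", "logfile" passes nothing
#   $2  input kind:   "iface" (live interface) or "pcap" (capture file replay)
#   $3  interface name, or capture file name relative to $pcap_dir
#   $4  configuration: ac | rbac | rb | none -> $snort_etc_dir/snort_<mode>.conf
#
# Exit status: 2 on a usage error; otherwise the status of the last command.
#
# The third argument ends up on a command line that runs through sudo, so it
# is validated and always passed as a single quoted word. Unquoted, a value
# containing blanks would be split into extra Snort options.

_output="[console|logfile]"
_input_opt="[iface|pcap]"
_input_devfile="[theiface|pcapfile(path: test/)]"
_mode="[ac|rbac|rb|none]"
usage="usage: $0 $_output $_input_opt $_input_devfile $_mode"

snort_dir="/usr/local/snort"
snort_bin_dir="$snort_dir/bin"
snort_etc_dir="$snort_dir/etc"
# NOTE(review): the leading "..." looks like a placeholder prefix; point this
# at the real capture directory before use.
pcap_dir=".../test/"

# Print an optional error line followed by the usage text on stderr, then
# stop with a non-zero status. The usage text is printed quoted: it contains
# bracket expressions that an unquoted expansion would glob against the
# current directory.
fail_usage() {
  if [ -n "${1:-}" ]; then
    printf '%s\n' "$1" >&2
  fi
  printf '%s\n' "$usage" >&2
  exit 2
}

[ "$#" -eq 4 ] || fail_usage ""

output_kind=$1
input_kind=$2
dev_file=$3
mode=$4

case "$output_kind" in
  console) log="-A console" ;;
  logfile) log="" ;;
  *) fail_usage "error in first parameter: $_output" ;;
esac

case "$input_kind" in
  iface)
    from="-i "
    # Interface names: non-empty, no leading dash (would read as an option),
    # and only characters from a conservative allow-list.
    case "$dev_file" in
      "" | -* | *[!A-Za-z0-9_.:-]*)
        fail_usage "error in third parameter: $_input_devfile"
        ;;
    esac
    ;;
  pcap)
    from="--daq pcap --daq-mode read-file -r $pcap_dir"
    # Capture files must stay below $pcap_dir: reject empty names and any
    # ".." path component.
    case "$dev_file" in
      "" | .. | ../* | */.. | */../*)
        fail_usage "error in third parameter: $_input_devfile"
        ;;
    esac
    ;;
  *) fail_usage "error in second parameter: $_input_opt" ;;
esac

case "$mode" in
  ac) snort_conf="$snort_etc_dir/snort_ac.conf" ;;
  rbac) snort_conf="$snort_etc_dir/snort_rbac.conf" ;;
  rb) snort_conf="$snort_etc_dir/snort_rb.conf" ;;
  none) snort_conf="$snort_etc_dir/snort_none.conf" ;;
  *) fail_usage "error in fourth parameter: $_mode" ;;
esac

# Build the Snort command as an argument vector so every value stays one word.
# -u/-g ask Snort to run as user/group "snort".
set -- "$snort_bin_dir/snort" -u snort -g snort -c "$snort_conf"
if [ "$output_kind" = "console" ]; then
  set -- "$@" -A console
fi
if [ "$input_kind" = "iface" ]; then
  set -- "$@" -i "$dev_file"
else
  set -- "$@" --daq pcap --daq-mode read-file -r "$pcap_dir$dev_file"
fi

sudo "$@"

# Summary of the command that was run.
printf '\n'
printf '%s\n' " -> sudo $snort_bin_dir/snort -u snort -g snort -c $snort_conf"
printf '%s\n' " $from$dev_file"
if [ "$output_kind" = "console" ]; then
  printf '%s\n' " $log"
else
  printf '%s\n' " (logfile)"
fi

if [ "$output_kind" = "logfile" ]; then
  # NOTE(review): this removes the Snort log files right after the run that
  # wrote them, presumably as test-bench cleanup. Confirm that is intended;
  # on a monitored host it would discard the alerts just produced. The glob
  # is expanded by the invoking user's shell, not by root.
  sudo rm -- /var/log/snort/snort.*
fi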